VIP Kolkata Call Girl Kasba 👉 8250192130 Available With Room
Cs423 raw sockets_bw
1. cs423 - cotter 1
What are Raw Sockets?
1.A way to pass information to network
protocols other than TCP or UDP (e.g.
ICMP and IGMP)
2.A way to implement new IPv4 protocols
3.A way to build our own packets (be careful
here)
2. cs423 - cotter 2
Why Would We Use Them?
• Allows us to access packets sent over protocols
other than TCP / UDP
• Allows us to process IPv4 protocols in user
space
– Control, speed, troubleshooting
• Allow us to implement new IPv4 protocols
• Allows us to control the IP header
– Control option fields (beyond setsockopt() )
– Test / control packet fragmentation
3. cs423 - cotter 3
Limitations?
• Reliability Loss
• No Ports
• Nonstandard communication
• No Automatic ICMP
• Raw TCP / UDP unlikely
• Requires root / admin
4. cs423 - cotter 4
OS Involvement in Sockets
User Space Kernel Space
Socket App TCP/IP StackLinux
Socket ( AF_INET,
SOCK_STREAM,
IPPROTO_TCP)
Socket ( AF_INET,
SOCK_RAW,
IPPROTO_ICMP)
Socket ( AF_PACKET,
SOCK_RAW,
htons(ETH_P_IP))
Identify
Socket Type
Identify
Socket Type
Identify
Socket Type
TCP
IP
Ethernet
5. cs423 - cotter 5
Normal Socket Operation (TCP)
• Create a socket
– s = socket (PF_INET, SOCK_STREAM, IPPROTO_TCP)
• Bind to a port (optional)
– Identify local IP and port desired and create data structure
– bind (s, (struct sockaddr *) &sin, sizeof(sin))
• Establish a connection to server
– Identify server IP and port
– connect (s, (struct sockaddr *) &sin, sizeof(sin))
• Send / Receive data
– Place data to be send into buffer
– recv (s, buf, strlen(buf), 0);
6. cs423 - cotter 6
Normal Socket Operation (TCP)
User Space Kernel Space
Socket App ProtocolLinux
socket ( ) Create socket
TCP, IP, Internet
connect( )
Bind to local port:
Connect to remote port
send( ) TCP, IP, InternetPass data thru local
stack to remote port
OK
OK
OK
TCP
7. cs423 - cotter 7
Raw Sockets Operation (ICMP)
• Create a socket
– s = socket (PF_INET, SOCK_RAW, IPPROTO_ICMP)
• Since there is no port, there is no bind *
• There is no TCP, so no connection *
• Send / Receive data
– Place data to be sent into buffer
– sendto (s, buf, strlen(buf), 0, addr, &len);
* More later
8. cs423 - cotter 8
Raw Sockets Operation (ICMP)
User Space Kernel Space
Socket App ProtocolLinux
socket ( ) Create socket
sendto( ) IP, InternetPass data thru local
stack to remote host
OK
OK
ICMP
9. cs423 - cotter 9
Create a Raw Socket
• s = socket (AF_INET, SOCK_RAW, protocol)
– IPPROTO_ICMP, IPPROTO_IP, etc.
• Can create our own IP header if we wish
– const int on = 1;
– setsockopt (s, IPPROTO_IP, IP_HDRINCL, &on, sizeof (on));
• Can “bind”
– Since we have no port, the only effect is to associate a local IP
address with the raw socket. (useful if there are multiple local
IP addrs and we want to use only 1).
• Can “connect”
– Again, since we have no TCP, we have no connection. The
only effect is to associate a remote IP address with this socket.
10. cs423 - cotter 10
Raw Socket Output
• Normal output performed using sendto or sendmsg.
– Write or send can be used if the socket has been connected
• If IP_HDRINCL not set, starting addr of the data (buf)
specifies the first byte following the IP header that the kernel
will build.
– Size only includes the data above the IP header.
• If IP_HDRINCL is set, the starting addr of the data identifies
the first byte of the IP header.
– Size includes the IP header
– Set IP id field to 0 (tells kernel to set this field)
– Kernel will calculate IP checksum
• Kernel can fragment raw packets exceeding outgoing MTU
11. cs423 - cotter 11
Raw Socket Input
• Received TCP / UDP NEVER passed to a raw socket.
• Most ICMP packets are passed to a raw socket
– (Some exceptions for Berkeley-derived implementations)
• All IGMP packets are passed to a raw socket
• All IP datagrams with a protocol field that the kernel does
not understand (process) are passed to a raw socket.
• If packet has been fragmented, packet is reassembled
before being passed to raw socket
12. cs423 - cotter 12
Conditions that include / exclude
passing to specific raw sockets
• If a nonzero protocol is specified when raw
socket is created, datagram protocol must
match
• If raw socket is bound to a specific local
IP, then destination IP must match
• If raw socket is “connected” to a foreign IP
address, then the source IP address must
match
13. cs423 - cotter 13
Ping – Overview
• This example modified from code by Walton (Ch 18)
• Very simple program that uses ICMP to send a ping to
another machine over the Internet.
• Provides the option to send a defined number of packets
(or will send a default 25).
• We will build an ICMP packet (with a proper header,
including checksum) that will be updated each time we
send a new packet.
• We will display the raw packet that is received back from
our destination host and will interpret some of the data.
– (Output format is different from standard ping)
14. cs423 - cotter 14
ICMP Packet header
struct icmphdr {
u_int8_t type // ICMP message type (0)
u_int8_t code // ICMP type sub-code (0)
u_int16_t checksum E306, etc.
u_int16_t id // echo datagram id (use pid)
u_int16_t sequence // echo seq # 1, 2, 3, etc.
};
Packet body:
0 1 2 3 4 5 6 7 8 9 : ; < = > ? … B
15. cs423 - cotter 15
myNuPing.c (overview)
• Global Declarations
– Struct packet { }, some variables
• unsigned short checksum (void *b, int len)
– Calculate checksum for ICMP packet (header and data)
• void display (void *buf, int bytes)
– Format a received packet for display.
• void listener (void)
– Separate process to capture responses to pings
• void ping (struct sockaddr_in *addr)
– Create socket and send out pings 1/sec to specified IP addr
• int main (int count, shar *strings[ ])
– Test for valid instantiation, create addr structure
– Fork a separate process (listener) and use existing process for ping
16. cs423 - cotter 16
#defines and checksum calc
#define PACKETSIZE 64
struct packet {
struct icmphdr hdr;
char msg[PACKETSIZE-sizeof(struct icmphdr)];
};
int pid=-1;
int loops = 25;
struct protoent *proto=NULL;
unsigned short checksum(void *b, int len) {
unsigned short *buf = b;
unsigned int sum=0;
unsigned short result;
for ( sum = 0; len > 1; len -= 2 )
sum += *buf++;
if ( len == 1 )
sum += *(unsigned char*)buf;
sum = (sum >> 16) + (sum & 0xFFFF);
sum += (sum >> 16);
result = ~sum;
return result;
}
23. cs423 - cotter 23
Summary
• Raw Sockets allow access to Protocols other
than the standard TCP and UDP
• Performance and capabilities may be OS
dependent.
– Some OSs block the ability to send packets that
originate from raw sockets (although reception may
be permitted).
• Raw sockets remove the burden of the complex
TCP/IP protocol stack, but they also remove the
safeguards and support that those protocols
provide